olt.txt:
OTL logfile created on: 5/20/2014 11:05:22 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Users\TC\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.94 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.53% Memory free
7.94 Gb Paging File | 6.35 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 211.35 Gb Free Space | 90.75% Space Free | Partition Type: NTFS
Drive D: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 111.79 Gb Total Space | 53.56 Gb Free Space | 47.91% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 283.21 Gb Free Space | 60.81% Space Free | Partition Type: NTFS
Computer Name: TC-PC | User Name: TC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - E:\Users\TC\Desktop\OTL.exe (OldTimer Tools)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
PRC - E:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - E:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe ()
PRC - E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll ()
MOD - E:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll ()
MOD - E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AppXSvc) -- E:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- E:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- E:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- E:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- E:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (ClickToRunSvc) -- E:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- E:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- E:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- E:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- E:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- E:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- E:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- E:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- E:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- E:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- E:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- E:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- E:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- E:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- E:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- E:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (PrintNotify) -- E:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- E:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- E:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- E:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- E:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- E:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- E:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- E:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- E:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- E:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- E:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- E:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- E:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- E:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- E:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- E:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- E:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- E:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- E:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SystemUpdatekb70007) -- E:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe ()
SRV - (MozillaMaintenance) -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WAS) -- E:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- E:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- E:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- E:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (lfsvc) -- E:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Stereo Service) -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- E:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- E:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- E:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (SwitchBoard) -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (EPSON_EB_RPCV4_01) -- E:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) -- E:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Avgldx64) -- E:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- E:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- E:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- E:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- E:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- E:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- E:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (avgtp) -- E:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (USBHUB3) -- E:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (CLFS) -- E:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- E:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- E:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- E:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (Avgwfpa) -- E:\Windows\SysNative\drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (WdFilter) -- E:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- E:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- E:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- E:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- E:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- E:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- E:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- E:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- E:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- E:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- E:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- E:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- E:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- E:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- E:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- E:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- E:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- E:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- E:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- E:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- E:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- E:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- E:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- E:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- E:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- E:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Avgboota) -- E:\Windows\SysNative\drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (condrv) -- E:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- E:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- E:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- E:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- E:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- E:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- E:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- E:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- E:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- E:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- E:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- E:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- E:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- E:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- E:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- E:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- E:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- E:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- E:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- E:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- E:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- E:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- E:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- E:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- E:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- E:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- E:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- E:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- E:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- E:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- E:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- E:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- E:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- E:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- E:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- E:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- E:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- E:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- E:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- E:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- E:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- E:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- E:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- E:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- E:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- E:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- E:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- E:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- E:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- E:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- E:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- E:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- E:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- E:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- E:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- E:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (FETNDIS) -- E:\Windows\SysNative\drivers\fetn63a.sys (VIA Technologies, Inc. )
DRV:64bit: - (e1express) -- E:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...M=IE8SRC<br />
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 41 33 95 EE 1E CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..network.proxy.type: 1user_pref("network.proxy.http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118);
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/02/18 12:36:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\sp2@sp.com: E:\Program Files (x86)\Social Privacy\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: E:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: E:\Program Files (x86)\Mozilla Thunderbird\plugins
[2014/01/31 21:15:41 | 000,000,000 | ---D | M] (No name found) -- E:\Users\TC\AppData\Roaming\mozilla\Extensions
[2014/05/19 13:08:36 | 000,000,000 | ---D | M] (No name found) -- E:\Users\TC\AppData\Roaming\mozilla\firefox\Profiles\cbp1j90p.default\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_1\
CHR - Extension: Google Drive = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google Search = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = E:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/05/15 14:03:59 | 000,000,741 | ---- | M]) - E:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] E:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] E:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] E:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SwitchBoard] E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EPSON Color] E:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFEA.EXE /FU "E:\Users\TC\AppData\Local\Temp\E_SA5D9.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Se&nd to OneNote - E:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Se&nd to OneNote - E:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76C74BA9-314C-4190-BAF7-424FAE8385CC}: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07E79E6-ADED-4DB0-87BD-CD4E8676521F}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (E:\Windows\system32\userinit.exe) - E:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - E:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 03:29:38 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2014/05/12 17:19:22 | 000,000,000 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: lfsvc - E:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - E:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - E:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - E:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - E:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - E:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - E:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - E:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - E:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/05/20 10:53:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/20 10:42:56 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MSR
[2014/05/19 17:20:52 | 000,000,000 | ---D | C] -- E:\Users\TC\Tracing
[2014/05/19 17:06:45 | 000,000,000 | ---D | C] -- E:\WINDOWS\en
[2014/05/19 17:06:41 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2014/05/19 17:06:35 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014/05/19 17:06:20 | 000,000,000 | ---D | C] -- E:\Program Files\Windows Live
[2014/05/19 17:06:19 | 000,000,000 | ---D | C] -- E:\WINDOWS\PCHEALTH
[2014/05/19 17:06:15 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Windows Live
[2014/05/19 17:06:10 | 002,526,056 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\D3DCompiler_43.dll
[2014/05/19 17:06:10 | 002,106,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2014/05/19 17:06:10 | 000,527,192 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\XAudio2_7.dll
[2014/05/19 17:06:10 | 000,518,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\XAudio2_7.dll
[2014/05/19 17:06:10 | 000,077,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\XAPOFX1_5.dll
[2014/05/19 17:06:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2014/05/19 17:05:37 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Windows Live
[2014/05/19 17:05:26 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Windows Live
[2014/05/19 14:28:46 | 000,982,016 | ---- | C] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:50:47 | 005,200,426 | ---- | C] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/19 13:49:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 13:41:11 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\CrashDumps
[2014/05/19 13:37:15 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\MigWiz
[2014/05/19 13:00:31 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Mozilla
[2014/05/19 10:13:03 | 000,000,000 | ---D | C] -- E:\WINDOWS\ERUNT
[2014/05/19 10:10:31 | 000,000,000 | ---D | C] -- E:\AdwCleaner
[2014/05/19 10:08:13 | 001,016,261 | ---- | C] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 10:04:19 | 000,000,000 | ---D | C] -- E:\Users\TC\Desktop\rkill
[2014/05/19 10:01:06 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/15 14:08:53 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/15 14:08:10 | 000,000,000 | ---D | C] -- E:\ProgramData\Malwarebytes
[2014/05/15 12:28:52 | 000,536,576 | ---- | C] (SQLite Development Team) -- E:\WINDOWS\SysWow64\sqlite3.dll
[2014/05/15 12:17:43 | 000,000,000 | ---D | C] -- E:\Users\TC\Desktop\RK_Quarantine
[2014/05/15 12:16:29 | 000,000,000 | ---D | C] -- E:\ProgramData\HitmanPro
[2014/05/14 21:40:18 | 000,308,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wusa.exe
[2014/05/14 21:40:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 21:40:17 | 000,257,880 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 21:40:17 | 000,123,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 21:40:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 21:40:13 | 013,288,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinui.dll
[2014/05/14 21:40:13 | 000,190,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 21:40:12 | 011,792,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 21:40:12 | 001,705,472 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 21:40:12 | 001,054,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 21:40:12 | 000,921,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 21:40:12 | 000,828,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 21:40:12 | 000,827,392 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 21:40:12 | 000,754,688 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 21:40:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 21:40:12 | 000,555,736 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 21:40:12 | 000,419,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 21:40:12 | 000,381,440 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 21:40:12 | 000,249,344 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 21:40:12 | 000,201,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 21:40:12 | 000,189,952 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 21:40:12 | 000,137,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 21:40:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 21:40:12 | 000,093,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 21:40:12 | 000,080,896 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 21:40:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSReset.exe
[2014/05/14 21:40:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wups.dll
[2014/05/14 21:40:12 | 000,054,776 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 21:40:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 21:40:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 21:40:12 | 000,025,088 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wups.dll
[2014/05/14 21:40:03 | 000,084,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 21:40:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 21:39:41 | 000,086,688 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mrt_map.dll
[2014/05/14 21:39:41 | 000,080,032 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mrt_map.dll
[2014/05/14 21:39:41 | 000,028,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mrt100.dll
[2014/05/14 21:39:41 | 000,026,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mrt100.dll
[2014/05/13 14:20:26 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/05/13 13:48:38 | 000,000,000 | --SD | C] -- E:\Users\TC\Documents\My Data Sources
[2014/05/12 22:54:03 | 000,000,000 | ---D | C] -- E:\Users\TC\.android
[2014/05/12 22:53:03 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\CrashRpt
[2014/05/12 22:50:22 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Angry_Birds
[2014/05/12 22:42:54 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Deployment
[2014/05/12 22:31:49 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\EmieUserList
[2014/05/12 22:31:49 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\EmieSiteList
[2014/05/12 22:26:47 | 000,000,000 | ---D | C] -- E:\WINDOWS\Microsoft
[2014/05/12 17:18:42 | 000,000,000 | ---D | C] -- E:\Program Files\Enigma Software Group
[2014/05/12 17:18:17 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/05/05 12:25:00 | 000,000,000 | ---D | C] -- E:\WINDOWS\Panther
[2014/05/05 12:23:48 | 016,875,520 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 012,732,416 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 008,653,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 007,425,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/05 12:23:48 | 006,641,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mstscax.dll
[2014/05/05 12:23:48 | 005,833,728 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 005,770,752 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mstscax.dll
[2014/05/05 12:23:48 | 004,268,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/05 12:23:48 | 002,900,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\msftedit.dll
[2014/05/05 12:23:48 | 002,641,920 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\authui.dll
[2014/05/05 12:23:48 | 002,373,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
[2014/05/05 12:23:48 | 002,317,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\authui.dll
[2014/05/05 12:23:48 | 002,270,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\msftedit.dll
[2014/05/05 12:23:48 | 002,141,912 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\d3d11.dll
[2014/05/05 12:23:48 | 002,133,504 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dwmcore.dll
[2014/05/05 12:23:48 | 002,088,160 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\explorer.exe
[2014/05/05 12:23:48 | 001,843,712 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Display.dll
[2014/05/05 12:23:48 | 001,816,576 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Display.dll
[2014/05/05 12:23:48 | 001,779,800 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\d3d11.dll
[2014/05/05 12:23:48 | 001,764,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/05 12:23:48 | 001,656,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/05 12:23:48 | 001,542,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ole32.dll
[2014/05/05 12:23:48 | 001,466,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\propsys.dll
[2014/05/05 12:23:48 | 001,411,584 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\lsasrv.dll
[2014/05/05 12:23:48 | 001,351,168 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/05 12:23:48 | 001,339,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gdi32.dll
[2014/05/05 12:23:48 | 001,306,624 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/05 12:23:48 | 001,291,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\kernel32.dll
[2014/05/05 12:23:48 | 001,230,336 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/05 12:23:48 | 001,129,472 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/05 12:23:48 | 001,112,536 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\KernelBase.dll
[2014/05/05 12:23:48 | 001,057,280 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/05 12:23:48 | 001,023,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\localspl.dll
[2014/05/05 12:23:48 | 001,015,808 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\aclui.dll
[2014/05/05 12:23:48 | 000,958,464 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,950,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReAgent.dll
[2014/05/05 12:23:48 | 000,924,160 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/05 12:23:48 | 000,918,528 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,888,320 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/05 12:23:48 | 000,887,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\aclui.dll
[2014/05/05 12:23:48 | 000,872,448 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/05 12:23:48 | 000,855,552 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/05 12:23:48 | 000,834,560 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netlogon.dll
[2014/05/05 12:23:48 | 000,801,792 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,800,256 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\adtschema.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\adtschema.dll
[2014/05/05 12:23:48 | 000,721,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/05 12:23:48 | 000,717,312 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\nshwfp.dll
[2014/05/05 12:23:48 | 000,669,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rasapi32.dll
[2014/05/05 12:23:48 | 000,667,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gpprefcl.dll
[2014/05/05 12:23:48 | 000,655,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dnsapi.dll
[2014/05/05 12:23:48 | 000,629,760 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,621,568 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/05 12:23:48 | 000,589,824 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\gpprefcl.dll
[2014/05/05 12:23:48 | 000,567,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/05 12:23:48 | 000,563,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,542,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,518,552 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dxgi.dll
[2014/05/05 12:23:48 | 000,512,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlidprov.dll
[2014/05/05 12:23:48 | 000,492,256 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfsvr.dll
[2014/05/05 12:23:48 | 000,488,280 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netcfgx.dll
[2014/05/05 12:23:48 | 000,467,800 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/05 12:23:48 | 000,467,504 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioSes.dll
[2014/05/05 12:23:48 | 000,463,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEng.dll
[2014/05/05 12:23:48 | 000,462,336 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlangpui.dll
[2014/05/05 12:23:48 | 000,444,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,443,904 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlansec.dll
[2014/05/05 12:23:48 | 000,428,888 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/05 12:23:48 | 000,425,984 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\clusapi.dll
[2014/05/05 12:23:48 | 000,412,672 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,402,432 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,390,488 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/05 12:23:48 | 000,388,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/05 12:23:48 | 000,386,560 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/05 12:23:48 | 000,379,224 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/05 12:23:48 | 000,376,152 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/05 12:23:48 | 000,370,176 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/05 12:23:48 | 000,364,640 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,360,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,356,864 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/05 12:23:48 | 000,356,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dcomp.dll
[2014/05/05 12:23:48 | 000,355,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,337,752 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/05 12:23:48 | 000,334,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDEServer.exe
[2014/05/05 12:23:48 | 000,325,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\LocationApi.dll
[2014/05/05 12:23:48 | 000,313,344 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\clusapi.dll
[2014/05/05 12:23:48 | 000,305,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,300,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/05 12:23:48 | 000,299,008 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\pdh.dll
[2014/05/05 12:23:48 | 000,298,496 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSDMon.dll
[2014/05/05 12:23:48 | 000,296,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanapi.dll
[2014/05/05 12:23:48 | 000,291,840 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,274,944 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/05 12:23:48 | 000,271,872 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\spp.dll
[2014/05/05 12:23:48 | 000,264,192 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,262,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/05 12:23:48 | 000,254,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\pdh.dll
[2014/05/05 12:23:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,247,296 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/05 12:23:48 | 000,244,888 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\audiodg.exe
[2014/05/05 12:23:48 | 000,230,400 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/05 12:23:48 | 000,226,304 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,222,720 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dcomp.dll
[2014/05/05 12:23:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\cdd.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReInfo.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/05 12:23:48 | 000,197,632 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,192,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/05 12:23:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/05 12:23:48 | 000,171,008 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/05 12:23:48 | 000,160,768 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,157,016 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/05 12:23:48 | 000,151,040 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,139,776 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,136,024 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/05 12:23:48 | 000,115,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/05 12:23:48 | 000,113,648 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\userenv.dll
[2014/05/05 12:23:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/05 12:23:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvinst.exe
[2014/05/05 12:23:48 | 000,102,912 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\davclnt.dll
[2014/05/05 12:23:48 | 000,098,816 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\drvinst.exe
[2014/05/05 12:23:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\RMapi.dll
[2014/05/05 12:23:48 | 000,083,968 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\sxproxy.dll
[2014/05/05 12:23:48 | 000,079,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\w32tm.exe
[2014/05/05 12:23:48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\w32tm.exe
[2014/05/05 12:23:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/05 12:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\tsgqec.dll
[2014/05/05 12:23:48 | 000,058,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/05 12:23:48 | 000,057,856 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvcfg.exe
[2014/05/05 12:23:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/05 12:23:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,040,448 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/05 12:23:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/05 12:23:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,027,136 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/05 12:18:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Reference Assemblies
[2014/05/05 12:18:06 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MSBuild
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\Program Files\Reference Assemblies
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysNative\msmq
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\Program Files\MSBuild
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\inetpub
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysWow64\BestPractices
[2014/05/05 12:18:05 | 000,000,000 | ---D | C] -- E:\WINDOWS\SysNative\BestPractices
[2014/05/05 12:18:02 | 000,606,720 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/05 12:18:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisRtl.dll
[2014/05/05 12:18:02 | 000,173,568 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/05 12:18:02 | 000,157,696 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/05 12:18:02 | 000,095,744 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/05 12:18:02 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/05 12:18:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ahadmin.dll
[2014/05/05 12:18:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/05 12:18:02 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\admwprox.dll
[2014/05/05 12:18:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\admwprox.dll
[2014/05/05 12:18:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/05 12:18:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisreset.exe
[2014/05/05 12:18:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wamregps.dll
[2014/05/05 12:18:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/05 12:18:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisrstap.dll
[2014/05/05 12:18:01 | 000,788,992 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsnap.dll
[2014/05/05 12:18:01 | 000,563,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqutil.dll
[2014/05/05 12:18:01 | 000,253,440 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.dll
[2014/05/05 12:18:01 | 000,231,424 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsec.dll
[2014/05/05 12:18:01 | 000,227,840 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqrt.dll
[2014/05/05 12:18:01 | 000,226,816 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqad.dll
[2014/05/05 12:18:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/05 12:18:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/05 12:18:01 | 000,122,368 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/05 12:18:01 | 000,095,744 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.tlb
[2014/05/05 12:18:01 | 000,090,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/05 12:18:01 | 000,054,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/05 12:18:01 | 000,036,352 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/05 12:18:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/05 12:18:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcertui.dll
[2014/05/05 12:18:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisreset.exe
[2014/05/05 12:18:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wamregps.dll
[2014/05/05 12:18:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/05 12:18:00 | 001,408,512 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqqm.dll
[2014/05/05 12:18:00 | 000,563,712 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqutil.dll
[2014/05/05 12:18:00 | 000,302,080 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.dll
[2014/05/05 12:18:00 | 000,184,832 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsec.dll
[2014/05/05 12:18:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqad.dll
[2014/05/05 12:18:00 | 000,157,184 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqrt.dll
[2014/05/05 12:18:00 | 000,131,072 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/05 12:18:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/05 12:17:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqbkup.exe
[2014/05/05 12:17:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsvc.exe
[2014/05/05 12:17:49 | 000,778,936 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014/05/05 12:17:49 | 000,102,608 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/05/05 12:17:49 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/05/05 12:17:48 | 001,166,520 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2014/05/05 12:17:48 | 000,124,112 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/05/05 12:17:48 | 000,035,480 | ---- | C] (Microsoft Corporation) -- E:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/05/05 10:41:33 | 000,000,000 | R--D | C] -- E:\Users\TC\OneDrive
[2014/05/05 10:38:33 | 000,000,000 | -HSD | C] -- E:\ProgramData\Favorites
[2014/05/05 10:33:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\SpeechEngines
[2014/05/05 10:32:59 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\SpeechEngines
[2014/05/05 10:30:24 | 000,000,000 | --SD | C] -- E:\Users\TC\AppData\Roaming\Microsoft
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Favorites
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Documents
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\Desktop
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/05 10:30:24 | 000,000,000 | R--D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\Temporary Internet Files
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Templates
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Start Menu
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\SendTo
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Recent
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\PrintHood
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\NetHood
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Videos
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Pictures
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Documents\My Music
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\My Documents
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Local Settings
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\History
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Cookies
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\Application Data
[2014/05/05 10:30:24 | 000,000,000 | -HSD | C] -- E:\Users\TC\AppData\Local\Application Data
[2014/05/05 10:30:24 | 000,000,000 | -H-D | C] -- E:\Users\TC\AppData
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Temp
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Microsoft
[2014/05/05 10:30:24 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/05 10:26:16 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA
[2014/05/05 10:26:13 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvcpl.dll
[2014/05/05 10:26:13 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvsvc64.dll
[2014/05/05 10:26:13 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvmctray.dll
[2014/05/05 10:26:13 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- E:\WINDOWS\SysNative\nvshext.dll
[2014/05/05 10:26:07 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA Corporation
[2014/05/05 10:26:04 | 000,000,000 | ---D | C] -- E:\Program Files\NVIDIA Corporation
[2014/05/05 10:25:59 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/05/05 10:25:59 | 000,000,000 | ---D | C] -- E:\ProgramData\EPSON
[2014/05/05 10:25:42 | 000,000,000 | ---D | C] -- E:\WINDOWS\Prefetch
[2014/04/30 13:41:01 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Local\Diagnostics
[2014/04/29 19:07:29 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Thunderbird
[2014/04/29 15:03:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Corel
[2014/04/29 15:01:42 | 000,000,000 | ---D | C] -- E:\Program Files\Corel
[2014/04/29 14:18:24 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\My Palettes
[2014/04/29 14:15:12 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\Corel
[2014/04/29 14:15:11 | 000,000,000 | ---D | C] -- E:\ProgramData\Protexis64
[2014/04/29 14:06:56 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\Corel
[2014/04/29 14:06:54 | 000,000,000 | ---D | C] -- E:\Users\TC\Documents\Visual Studio 2008
[2014/04/29 14:06:19 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft SDKs
[2014/04/29 14:06:18 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Microsoft Visual Studio 9.0
[2014/04/29 14:06:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft Help
[2014/04/29 14:06:01 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Intel
[2014/04/29 13:58:15 | 000,000,000 | ---D | C] -- E:\ProgramData\CorelDRAW Graphics Suite X6
[2014/04/25 08:40:28 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Avg Secure Update
[2014/04/24 12:49:30 | 000,000,000 | ---D | C] -- E:\AITEMP
[2014/04/22 11:31:56 | 000,000,000 | ---D | C] -- E:\Users\TC\AppData\Roaming\TeamViewer
[2014/04/22 11:31:54 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\TeamViewer
[1 E:\WINDOWS\SysNative\*.tmp files -> E:\WINDOWS\SysNative\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/20 10:53:28 | 000,625,664 | ---- | M] () -- E:\Users\TC\Desktop\dds.scr
[2014/05/20 10:53:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/20 10:50:05 | 000,994,000 | ---- | M] () -- E:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/20 10:50:05 | 000,823,842 | ---- | M] () -- E:\WINDOWS\SysNative\perfh009.dat
[2014/05/20 10:50:05 | 000,168,842 | ---- | M] () -- E:\WINDOWS\SysNative\perfc009.dat
[2014/05/20 10:44:58 | 000,002,203 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 10:44:53 | 000,067,584 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2014/05/20 10:43:53 | 000,000,886 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/20 10:43:35 | 000,000,386 | ---- | M] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/05/20 10:43:31 | 000,000,386 | ---- | M] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/05/20 10:42:45 | 268,435,456 | -HS- | M] () -- E:\swapfile.sys
[2014/05/20 10:42:42 | 3170,185,216 | -HS- | M] () -- E:\hiberfil.sys
[2014/05/20 10:39:11 | 001,326,389 | ---- | M] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/20 10:30:00 | 000,000,890 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/19 14:28:50 | 000,982,016 | ---- | M] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:51:04 | 005,200,426 | ---- | M] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/19 13:49:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 10:21:27 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/19 10:21:04 | 005,318,392 | ---- | M] () -- E:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/19 10:08:13 | 001,016,261 | ---- | M] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 10:01:07 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/19 09:13:26 | 000,000,981 | ---- | M] () -- E:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/16 09:37:45 | 000,005,728 | ---- | M] () -- E:\Users\Public\Documents\emailexport.csv
[2014/05/15 14:03:59 | 000,000,741 | ---- | M] () -- E:\WINDOWS\SysNative\drivers\etc\hosts
[2014/05/15 12:24:11 | 003,972,608 | ---- | M] () -- E:\Users\TC\Desktop\RogueKiller (1).exe
[2014/05/15 12:21:35 | 000,004,620 | ---- | M] () -- E:\WINDOWS\SysNative\.crusader
[2014/05/15 11:54:45 | 000,002,299 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/15 10:13:59 | 000,000,104 | ---- | M] () -- E:\index.ini
[2014/05/13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/05/13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/05/13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/05/13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/05/13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/05/13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/05/13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/05/12 17:19:22 | 000,000,000 | ---- | M] () -- E:\autoexec.bat
[2014/05/11 18:25:46 | 000,101,914 | ---- | M] () -- E:\Users\TC\Documents\Common Medical Authorization_1.pdf
[2014/05/11 18:20:10 | 000,083,455 | ---- | M] () -- E:\Users\TC\Documents\Common Medical Authorization.pdf
[2014/05/11 18:06:32 | 000,077,123 | ---- | M] () -- E:\Users\TC\Documents\sample_schedule_FOL1146.pdf
[2014/05/08 04:35:40 | 000,050,464 | ---- | M] (AVG Technologies) -- E:\WINDOWS\SysNative\drivers\avgtpx64.sys
[2014/05/06 11:05:50 | 000,000,162 | -H-- | M] () -- E:\Users\TC\Documents\~$inglet.htm
[2014/05/05 21:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mshtmled.dll
[2014/05/05 20:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/05 12:23:48 | 016,875,520 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 012,732,416 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/05 12:23:48 | 008,653,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 007,425,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/05 12:23:48 | 006,641,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mstscax.dll
[2014/05/05 12:23:48 | 005,833,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/05 12:23:48 | 005,770,752 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mstscax.dll
[2014/05/05 12:23:48 | 004,268,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/05 12:23:48 | 002,900,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\msftedit.dll
[2014/05/05 12:23:48 | 002,641,920 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\authui.dll
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
[2014/05/05 12:23:48 | 002,317,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\authui.dll
[2014/05/05 12:23:48 | 002,270,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\msftedit.dll
[2014/05/05 12:23:48 | 002,141,912 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\d3d11.dll
[2014/05/05 12:23:48 | 002,133,504 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dwmcore.dll
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\explorer.exe
[2014/05/05 12:23:48 | 001,843,712 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Display.dll
[2014/05/05 12:23:48 | 001,816,576 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Display.dll
[2014/05/05 12:23:48 | 001,779,800 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\d3d11.dll
[2014/05/05 12:23:48 | 001,764,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/05 12:23:48 | 001,656,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/05 12:23:48 | 001,542,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ole32.dll
[2014/05/05 12:23:48 | 001,466,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\propsys.dll
[2014/05/05 12:23:48 | 001,411,584 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\lsasrv.dll
[2014/05/05 12:23:48 | 001,351,168 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/05 12:23:48 | 001,339,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gdi32.dll
[2014/05/05 12:23:48 | 001,306,624 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/05 12:23:48 | 001,291,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\kernel32.dll
[2014/05/05 12:23:48 | 001,230,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/05 12:23:48 | 001,129,472 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/05 12:23:48 | 001,112,536 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\KernelBase.dll
[2014/05/05 12:23:48 | 001,057,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/05 12:23:48 | 001,023,488 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\localspl.dll
[2014/05/05 12:23:48 | 001,015,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\aclui.dll
[2014/05/05 12:23:48 | 000,958,464 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,950,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReAgent.dll
[2014/05/05 12:23:48 | 000,924,160 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/05 12:23:48 | 000,918,528 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,888,320 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/05 12:23:48 | 000,887,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\aclui.dll
[2014/05/05 12:23:48 | 000,872,448 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/05 12:23:48 | 000,855,552 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/05 12:23:48 | 000,834,560 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netlogon.dll
[2014/05/05 12:23:48 | 000,801,792 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/05 12:23:48 | 000,800,256 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\adtschema.dll
[2014/05/05 12:23:48 | 000,731,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\adtschema.dll
[2014/05/05 12:23:48 | 000,721,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/05 12:23:48 | 000,717,312 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\nshwfp.dll
[2014/05/05 12:23:48 | 000,669,696 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\rasapi32.dll
[2014/05/05 12:23:48 | 000,667,136 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\gpprefcl.dll
[2014/05/05 12:23:48 | 000,655,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dnsapi.dll
[2014/05/05 12:23:48 | 000,629,760 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/05 12:23:48 | 000,621,568 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/05 12:23:48 | 000,589,824 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\gpprefcl.dll
[2014/05/05 12:23:48 | 000,567,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/05 12:23:48 | 000,563,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,542,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,518,552 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dxgi.dll
[2014/05/05 12:23:48 | 000,512,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlidprov.dll
[2014/05/05 12:23:48 | 000,492,256 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfsvr.dll
[2014/05/05 12:23:48 | 000,488,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\netcfgx.dll
[2014/05/05 12:23:48 | 000,467,800 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/05 12:23:48 | 000,467,504 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioSes.dll
[2014/05/05 12:23:48 | 000,463,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEng.dll
[2014/05/05 12:23:48 | 000,462,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlangpui.dll
[2014/05/05 12:23:48 | 000,444,928 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AdmTmpl.dll
[2014/05/05 12:23:48 | 000,443,904 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlansec.dll
[2014/05/05 12:23:48 | 000,428,888 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/05 12:23:48 | 000,425,984 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\clusapi.dll
[2014/05/05 12:23:48 | 000,412,672 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,402,432 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/05 12:23:48 | 000,390,488 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/05 12:23:48 | 000,388,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/05 12:23:48 | 000,387,210 | ---- | M] () -- E:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/05 12:23:48 | 000,386,560 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/05 12:23:48 | 000,379,224 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/05 12:23:48 | 000,376,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/05 12:23:48 | 000,370,176 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/05 12:23:48 | 000,364,640 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,360,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,356,864 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/05 12:23:48 | 000,356,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dcomp.dll
[2014/05/05 12:23:48 | 000,355,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/05 12:23:48 | 000,337,752 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/05 12:23:48 | 000,334,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\MDEServer.exe
[2014/05/05 12:23:48 | 000,325,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\LocationApi.dll
[2014/05/05 12:23:48 | 000,313,344 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\clusapi.dll
[2014/05/05 12:23:48 | 000,305,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/05 12:23:48 | 000,300,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/05 12:23:48 | 000,299,008 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\pdh.dll
[2014/05/05 12:23:48 | 000,298,496 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WSDMon.dll
[2014/05/05 12:23:48 | 000,296,960 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanapi.dll
[2014/05/05 12:23:48 | 000,291,840 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,274,944 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/05 12:23:48 | 000,271,872 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\spp.dll
[2014/05/05 12:23:48 | 000,264,192 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/05 12:23:48 | 000,262,656 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/05 12:23:48 | 000,254,976 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\pdh.dll
[2014/05/05 12:23:48 | 000,252,928 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,247,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/05 12:23:48 | 000,244,888 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\audiodg.exe
[2014/05/05 12:23:48 | 000,230,400 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/05 12:23:48 | 000,226,304 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/05 12:23:48 | 000,222,720 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\dcomp.dll
[2014/05/05 12:23:48 | 000,212,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\cdd.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ReInfo.dll
[2014/05/05 12:23:48 | 000,201,216 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/05 12:23:48 | 000,197,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/05 12:23:48 | 000,192,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,186,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/05 12:23:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/05 12:23:48 | 000,171,008 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/05 12:23:48 | 000,160,768 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,157,016 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/05 12:23:48 | 000,151,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/05 12:23:48 | 000,139,776 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/05 12:23:48 | 000,136,024 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/05 12:23:48 | 000,115,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/05 12:23:48 | 000,113,648 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\userenv.dll
[2014/05/05 12:23:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/05 12:23:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvinst.exe
[2014/05/05 12:23:48 | 000,102,912 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\davclnt.dll
[2014/05/05 12:23:48 | 000,098,816 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\drvinst.exe
[2014/05/05 12:23:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\RMapi.dll
[2014/05/05 12:23:48 | 000,083,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\sxproxy.dll
[2014/05/05 12:23:48 | 000,079,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\w32tm.exe
[2014/05/05 12:23:48 | 000,070,656 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\w32tm.exe
[2014/05/05 12:23:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/05 12:23:48 | 000,064,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\tsgqec.dll
[2014/05/05 12:23:48 | 000,058,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/05 12:23:48 | 000,057,856 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drvcfg.exe
[2014/05/05 12:23:48 | 000,053,248 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/05 12:23:48 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\UMDF\HidBthLE.dll
[2014/05/05 12:23:48 | 000,040,960 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/05 12:23:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/05 12:23:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/05 12:23:48 | 000,030,208 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,027,136 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/05 12:23:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/05 12:18:02 | 000,606,720 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsnap.dll
[2014/05/05 12:18:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisRtl.dll
[2014/05/05 12:18:02 | 000,173,568 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\drivers\mqac.sys
[2014/05/05 12:18:02 | 000,157,696 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisRtl.dll
[2014/05/05 12:18:02 | 000,095,744 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.tlb
[2014/05/05 12:18:02 | 000,090,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa30.tlb
[2014/05/05 12:18:02 | 000,062,976 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\ahadmin.dll
[2014/05/05 12:18:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa20.tlb
[2014/05/05 12:18:02 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\admwprox.dll
[2014/05/05 12:18:02 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\admwprox.dll
[2014/05/05 12:18:02 | 000,036,352 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa10.tlb
[2014/05/05 12:18:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisreset.exe
[2014/05/05 12:18:02 | 000,015,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\wamregps.dll
[2014/05/05 12:18:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcertui.dll
[2014/05/05 12:18:02 | 000,012,288 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\iisrstap.dll
[2014/05/05 12:18:01 | 000,788,992 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsnap.dll
[2014/05/05 12:18:01 | 000,563,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqutil.dll
[2014/05/05 12:18:01 | 000,253,440 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqoa.dll
[2014/05/05 12:18:01 | 000,231,424 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsec.dll
[2014/05/05 12:18:01 | 000,227,840 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqrt.dll
[2014/05/05 12:18:01 | 000,226,816 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqad.dll
[2014/05/05 12:18:01 | 000,144,384 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcmiplugin.dll
[2014/05/05 12:18:01 | 000,135,168 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqmigplugin.dll
[2014/05/05 12:18:01 | 000,122,368 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqlogmgr.dll
[2014/05/05 12:18:01 | 000,095,744 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.tlb
[2014/05/05 12:18:01 | 000,090,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa30.tlb
[2014/05/05 12:18:01 | 000,054,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa20.tlb
[2014/05/05 12:18:01 | 000,036,352 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa10.tlb
[2014/05/05 12:18:01 | 000,026,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\ahadmin.dll
[2014/05/05 12:18:01 | 000,017,408 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqcertui.dll
[2014/05/05 12:18:01 | 000,016,384 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisreset.exe
[2014/05/05 12:18:01 | 000,011,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\wamregps.dll
[2014/05/05 12:18:01 | 000,010,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\iisrstap.dll
[2014/05/05 12:18:01 | 000,009,096 | ---- | M] () -- E:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/05 12:18:00 | 001,408,512 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqqm.dll
[2014/05/05 12:18:00 | 000,563,712 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqutil.dll
[2014/05/05 12:18:00 | 000,302,080 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqoa.dll
[2014/05/05 12:18:00 | 000,184,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqsec.dll
[2014/05/05 12:18:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqad.dll
[2014/05/05 12:18:00 | 000,157,184 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqrt.dll
[2014/05/05 12:18:00 | 000,131,072 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqmigplugin.dll
[2014/05/05 12:18:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysWow64\mqcmiplugin.dll
[2014/05/05 12:18:00 | 000,009,096 | ---- | M] () -- E:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/05 12:17:59 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqbkup.exe
[2014/05/05 12:17:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\SysNative\mqsvc.exe
[2014/05/05 10:38:02 | 000,028,578 | ---- | M] () -- E:\WINDOWS\diagwrn.xml
[2014/05/05 10:38:02 | 000,028,578 | ---- | M] () -- E:\WINDOWS\diagerr.xml
[2014/05/05 10:37:52 | 000,022,840 | ---- | M] () -- E:\WINDOWS\SysNative\emptyregdb.dat
[2014/05/05 10:26:55 | 000,966,512 | ---- | M] () -- E:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/05 10:26:01 | 000,000,000 | -H-- | M] () -- E:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/05/05 09:31:35 | 000,001,518 | ---- | M] () -- E:\Users\Public\Desktop\Adobe Application Manager.lnk
[2014/05/02 07:09:44 | 000,000,132 | ---- | M] () -- E:\Users\TC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/05/01 14:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 14:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/01 08:11:20 | 000,002,110 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/04/29 11:20:03 | 000,961,585 | ---- | M] () -- E:\Users\TC\Documents\New Doc 2 - Scanned by CamScanner.pdf
[2014/04/29 11:05:10 | 000,227,579 | ---- | M] () -- E:\Users\TC\Documents\emails.pdf
[2014/04/24 18:26:17 | 000,001,456 | ---- | M] () -- E:\Users\TC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/04/24 10:57:50 | 000,001,043 | ---- | M] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
[2014/04/24 10:57:50 | 000,001,019 | ---- | M] () -- E:\Users\Public\Desktop\Fotosizer.lnk
[1 E:\WINDOWS\SysNative\*.tmp files -> E:\WINDOWS\SysNative\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/05/20 10:53:28 | 000,625,664 | ---- | C] () -- E:\Users\TC\Desktop\dds.scr
[2014/05/20 10:39:04 | 001,326,389 | ---- | C] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/19 17:06:40 | 000,001,321 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/05/19 17:06:38 | 000,001,390 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2014/05/19 17:06:33 | 000,001,474 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2014/05/19 17:06:30 | 000,002,502 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2014/05/16 09:37:45 | 000,005,728 | ---- | C] () -- E:\Users\Public\Documents\emailexport.csv
[2014/05/15 12:24:06 | 003,972,608 | ---- | C] () -- E:\Users\TC\Desktop\RogueKiller (1).exe
[2014/05/15 12:21:35 | 000,004,620 | ---- | C] () -- E:\WINDOWS\SysNative\.crusader
[2014/05/15 10:13:18 | 000,000,104 | ---- | C] () -- E:\index.ini
[2014/05/12 17:19:22 | 000,000,000 | ---- | C] () -- E:\autoexec.bat
[2014/05/11 18:21:32 | 000,101,914 | ---- | C] () -- E:\Users\TC\Documents\Common Medical Authorization_1.pdf
[2014/05/11 18:20:09 | 000,083,455 | ---- | C] () -- E:\Users\TC\Documents\Common Medical Authorization.pdf
[2014/05/11 18:06:32 | 000,077,123 | ---- | C] () -- E:\Users\TC\Documents\sample_schedule_FOL1146.pdf
[2014/05/06 11:05:50 | 000,000,162 | -H-- | C] () -- E:\Users\TC\Documents\~$inglet.htm
[2014/05/05 12:23:48 | 000,387,210 | ---- | C] () -- E:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/05 12:18:01 | 000,009,096 | ---- | C] () -- E:\WINDOWS\SysWow64\msmqtrc.mof
[2014/05/05 12:18:00 | 000,009,096 | ---- | C] () -- E:\WINDOWS\SysNative\msmqtrc.mof
[2014/05/05 10:40:30 | 000,001,442 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/05 10:33:28 | 000,001,547 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/05/05 10:30:27 | 000,028,578 | ---- | C] () -- E:\WINDOWS\diagwrn.xml
[2014/05/05 10:30:27 | 000,028,578 | ---- | C] () -- E:\WINDOWS\diagerr.xml
[2014/05/05 10:30:24 | 000,000,369 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/05/05 10:30:24 | 000,000,369 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/05/05 10:30:24 | 000,000,352 | ---- | C] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/05 10:30:24 | 000,000,334 | ---- | C] () -- E:\Users\TC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/05/05 10:26:55 | 000,966,512 | ---- | C] () -- E:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/05 10:26:01 | 000,000,000 | -H-- | C] () -- E:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/05/05 09:36:18 | 000,001,195 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS6.lnk
[2014/05/05 09:35:26 | 000,001,169 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2014/05/05 09:34:53 | 000,001,285 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2014/04/29 11:20:03 | 000,961,585 | ---- | C] () -- E:\Users\TC\Documents\New Doc 2 - Scanned by CamScanner.pdf
[2014/04/29 11:05:09 | 000,227,579 | ---- | C] () -- E:\Users\TC\Documents\emails.pdf
[2014/04/25 08:40:28 | 000,000,386 | ---- | C] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/04/25 08:40:28 | 000,000,386 | ---- | C] () -- E:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/03/18 04:15:05 | 000,002,255 | ---- | C] () -- E:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 04:14:37 | 000,103,936 | ---- | C] () -- E:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/04 20:29:25 | 000,000,132 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
[2014/02/26 15:47:03 | 000,001,456 | ---- | C] () -- E:\Users\TC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/02/13 10:33:58 | 000,000,132 | ---- | C] () -- E:\Users\TC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/02/01 19:09:43 | 000,000,075 | ---- | C] () -- E:\ProgramData\nvUnsupRes.dat
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- E:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- E:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- E:\WINDOWS\mib.bin
[2013/08/21 21:32:36 | 000,046,080 | ---- | C] () -- E:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- E:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- E:\WINDOWS\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2014/05/12 02:30:29 | 000,000,227 | RHS- | M] () -- E:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = E:\Windows\SysNative\shell32.dll -- [2014/03/27 03:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 01:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = E:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/05/12 22:50:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Angry_Birds
[2014/02/25 10:44:17 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\AVG
[2014/04/09 12:22:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\AVG2014
[2014/05/04 23:35:07 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Azureus
[2014/02/14 16:10:05 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/05/06 13:10:34 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\FileZilla
[2014/02/10 13:39:22 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\PDAppFlex
[2014/01/31 22:35:03 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/04/22 11:31:56 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TeamViewer
[2014/02/18 13:04:21 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TemplateToaster
[2014/01/31 21:15:41 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\Thunderbird
[2014/02/22 08:24:29 | 000,000,000 | ---D | M] -- E:\Users\TC\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2014/03/18 03:32:08 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- E:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2014/03/18 03:32:08 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- E:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.17031_en-us_13f1d1e13e26c343\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2013/06/18 08:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- E:\Windows\PolicyDefinitions\Explorer.admx
[2013/06/18 08:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- E:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.17031_none_06abfc02c4a730f6\Explorer.admx
< MD5 for: EXPLORER.DESIGNER.VB >
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
[2008/07/30 06:54:20 | 000,036,545 | ---- | M] () MD5=0BFA552D19A4A7F9130A71DFBBCB1407 -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.designer.vb
< MD5 for: EXPLORER.EXE >
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- E:\Windows\SysWOW64\explorer.exe
[2014/05/05 12:23:48 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/12 05:02:07 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/05/12 04:53:30 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- E:\Windows\explorer.exe
[2014/05/05 12:23:48 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\en-US\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\SysWOW64\en-US\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_f6e3d96c47731bda\explorer.exe.mui
[2014/03/18 04:14:56 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_013883be7bd3ddd5\explorer.exe.mui
< MD5 for: EXPLORER.EXE-7A3328DA.PF >
[2014/05/20 10:47:51 | 000,297,270 | ---- | M] () MD5=D9571FDD3B0E9837C1E16F9F0D3EE810 -- E:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf
< MD5 for: EXPLORER.RESX >
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
[2008/07/30 06:54:20 | 000,040,049 | ---- | M] () MD5=B16D2C77324DE7222CB0EA55C7B32784 -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.resx
< MD5 for: EXPLORER.VB >
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
[2008/07/30 06:54:20 | 000,008,501 | ---- | M] () MD5=55808E7AF87B5C18B97707BEF8EBDDEA -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vb
< MD5 for: EXPLORER.VSTEMPLATE >
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\ProgramData\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\ProgramData\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\Users\All Users\Microsoft\VSTAHost\CorelDRAW\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
[2008/07/30 06:54:20 | 000,006,491 | ---- | M] () MD5=FB731348042E3356E2215A6747CE893C -- E:\Users\All Users\Microsoft\VSTAHost\CorelPHOTOPAINT\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Explorer.zip\explorer.vstemplate
< MD5 for: EXPLORER.ZIP >
[2008/07/30 06:54:22 | 000,024,306 | ---- | M] () MD5=15FB707D04E269482E95D08430955719 -- E:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\VisualBasic\Windows Forms\1033\Explorer.zip
< MD5 for: IEXPLORE.BAT >
[2014/04/05 23:13:18 | 000,031,401 | ---- | M] () MD5=335DFF8F23E5EC02B5426362F0F8509B -- E:\Users\TC\AppData\Local\Temp\jrt\iexplore.bat
< MD5 for: IEXPLORE.EXE >
[2014/03/18 04:28:15 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- E:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/03/18 04:28:15 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- E:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_a6eb9498c5079540\iexplore.exe
[2014/03/18 04:28:15 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- E:\Program Files\Internet Explorer\iexplore.exe
[2014/03/18 04:28:15 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- E:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_9c96ea4690a6d345\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2014/03/18 03:32:09 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- E:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-1B894AFB.PF >
[2014/05/16 11:34:48 | 000,130,474 | ---- | M] () MD5=A3D79372A13F27509CAC264969CF13F0 -- E:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf
< MD5 for: IEXPLORE.EXE-F6A52C88.PF >
[2014/05/16 11:34:48 | 000,334,264 | ---- | M] () MD5=7EBB57CBEA8162D8F6A1D497CD585E59 -- E:\Windows\Prefetch\IEXPLORE.EXE-F6A52C88.pf
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML >
[2013/06/18 08:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- E:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 08:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- E:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
< MD5 for: SERVICES >
[2013/08/22 09:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- E:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
< MD5 for: SERVICES.AIP >
[2012/03/29 21:35:50 | 000,297,104 | ---- | M] (Adobe Systems Incorporated) MD5=8311BFD3FD21EB8089259C491406A7B0 -- E:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Plug-ins\Extensions\Services.aip
< MD5 for: SERVICES.ASFX >
[2012/01/03 07:10:54 | 000,003,312 | ---- | M] () MD5=635BB28624835AC3C03696B1C74E7B9A -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
[2012/01/03 07:10:54 | 000,003,252 | ---- | M] () MD5=B2F4D7E7D9563E1A6260039B2F26E61A -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
< MD5 for: SERVICES.CFG >
[2012/01/03 07:10:56 | 000,585,874 | ---- | M] () MD5=0E19E0BEA7B159153258688CF8ED7716 -- E:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2010/10/25 16:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- E:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
< MD5 for: SERVICES.DAT >
[2014/04/05 22:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- E:\Users\TC\AppData\Local\Temp\jrt\services.dat
< MD5 for: SERVICES.EXE >
[2013/08/22 07:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- E:\WINDOWS\SysNative\services.exe
[2013/08/22 07:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2014/03/18 03:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\WINDOWS\SysNative\en-US\services.exe.mui
[2014/03/18 03:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
< MD5 for: SERVICES.JS >
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/05/06 22:46:30 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- E:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
< MD5 for: SERVICES.LNK >
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 00:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- E:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
< MD5 for: SERVICES.MOF >
[2013/06/18 08:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- E:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 08:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
< MD5 for: SERVICES.MSC >
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 08:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\WINDOWS\SysNative\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 06:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\SysWOW64\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 08:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 06:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2014/03/18 03:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- E:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
< MD5 for: SERVICES.PTXML >
[2013/08/22 00:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- E:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 00:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- E:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2014/03/18 03:32:07 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- E:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2014/03/18 03:32:07 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2014/03/18 03:45:58 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- E:\Windows\PolicyDefinitions\WinLogon.admx
[2014/03/18 03:45:58 | 000,005,790 | ---- | M] () MD5=940072E0DE8621F5AB0028A96309221E -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2014/03/18 04:14:50 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- E:\WINDOWS\SysNative\winlogon.exe
[2014/03/18 04:14:50 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2014/03/18 03:32:01 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- E:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2014/03/18 03:32:01 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
< MD5 for: WINLOGON.EXE-A7332602.PF >
[2014/05/16 13:20:59 | 000,007,420 | ---- | M] () MD5=8D26E727174EB7884C6984C24437FBB9 -- E:\Windows\Prefetch\WINLOGON.EXE-A7332602.pf
< MD5 for: WINLOGON.MFL >
[2014/03/18 03:32:01 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- E:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2014/03/18 03:32:01 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2013/08/22 00:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- E:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/22 00:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- E:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2014/05/12 17:19:22 | 000,000,000 | ---- | M] () -- E:\autoexec.bat
[2013/06/18 06:18:29 | 000,000,001 | --S- | M] () -- E:\BOOTNXT
[2014/05/20 10:42:42 | 3170,185,216 | -HS- | M] () -- E:\hiberfil.sys
[2014/05/15 10:13:59 | 000,000,104 | ---- | M] () -- E:\index.ini
[2014/05/20 10:42:45 | 4294,967,295 | -HS- | M] () -- E:\pagefile.sys
[2014/05/20 10:42:45 | 268,435,456 | -HS- | M] () -- E:\swapfile.sys
[2014/05/19 13:34:17 | 000,213,852 | ---- | M] () -- E:\TDSSKiller.3.0.0.34_19.05.2014_13.33.38_log.txt
< %systemroot%\Fonts\*.com >
[2014/05/05 12:18:03 | 000,026,040 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2014/05/05 12:18:03 | 000,026,489 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2014/05/05 12:18:03 | 000,029,779 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2014/05/05 12:18:03 | 000,043,318 | ---- | M] () -- E:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2013/08/22 09:35:03 | 000,000,065 | ---- | M] () -- E:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2014/03/31 21:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\WLXPGSS.SCR
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2013/08/22 09:34:52 | 000,000,174 | -HS- | M] () -- E:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive E has no label.
Volume Serial Number is 06A4-EA5E
Directory of E:\
08/22/2013 08:45 AM Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of E:\ProgramData
08/22/2013 08:45 AM Application Data [E:\ProgramData]
08/22/2013 08:45 AM Desktop [E:\Users\Public\Desktop]
08/22/2013 08:45 AM Documents [E:\Users\Public\Documents]
05/05/2014 10:38 AM Favorites [E:\Users\Public\Favorites]
08/22/2013 08:45 AM Start Menu [E:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users
08/22/2013 08:45 AM All Users [E:\ProgramData]
08/22/2013 08:45 AM Default User [E:\Users\Default]
0 File(s) 0 bytes
Directory of E:\Users\All Users
08/22/2013 08:45 AM Application Data [E:\ProgramData]
08/22/2013 08:45 AM Desktop [E:\Users\Public\Desktop]
08/22/2013 08:45 AM Documents [E:\Users\Public\Documents]
05/05/2014 10:38 AM Favorites [E:\Users\Public\Favorites]
08/22/2013 08:45 AM Start Menu [E:\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\Default
08/22/2013 08:45 AM Application Data [E:\Users\Default\AppData\Roaming]
08/22/2013 08:45 AM Cookies [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013 08:45 AM Local Settings [E:\Users\Default\AppData\Local]
08/22/2013 08:45 AM My Documents [E:\Users\Default\Documents]
08/22/2013 08:45 AM NetHood [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013 08:45 AM PrintHood [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013 08:45 AM Recent [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013 08:45 AM SendTo [E:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013 08:45 AM Start Menu [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013 08:45 AM Templates [E:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\Default\AppData\Local
08/22/2013 08:45 AM Application Data [E:\Users\Default\AppData\Local]
08/22/2013 08:45 AM History [E:\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013 08:45 AM Temporary Internet Files [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013 08:45 AM Temporary Internet Files [E:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\Default\Documents
08/22/2013 08:45 AM My Music [E:\Users\Default\Music]
08/22/2013 08:45 AM My Pictures [E:\Users\Default\Pictures]
08/22/2013 08:45 AM My Videos [E:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of E:\Users\Default.migrated\Documents
07/26/2012 01:22 AM My Music [E:\Users\Default\Music]
07/26/2012 01:22 AM My Pictures [E:\Users\Default\Pictures]
07/26/2012 01:22 AM My Videos [E:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool
05/05/2014 10:30 AM Application Data [E:\Users\DefaultAppPool\AppData\Roaming]
05/05/2014 10:30 AM Cookies [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCookies]
05/05/2014 10:30 AM Local Settings [E:\Users\DefaultAppPool\AppData\Local]
05/05/2014 10:30 AM My Documents [E:\Users\DefaultAppPool\Documents]
05/05/2014 10:30 AM NetHood [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/05/2014 10:30 AM PrintHood [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/05/2014 10:30 AM Recent [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Recent]
05/05/2014 10:30 AM SendTo [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo]
05/05/2014 10:30 AM Start Menu [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu]
05/05/2014 10:30 AM Templates [E:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\AppData\Local
05/05/2014 10:30 AM Application Data [E:\Users\DefaultAppPool\AppData\Local]
05/05/2014 10:30 AM History [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\History]
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\DefaultAppPool\Documents
05/05/2014 10:30 AM My Music [E:\Users\DefaultAppPool\Music]
05/05/2014 10:30 AM My Pictures [E:\Users\DefaultAppPool\Pictures]
05/05/2014 10:30 AM My Videos [E:\Users\DefaultAppPool\Videos]
0 File(s) 0 bytes
Directory of E:\Users\Public\Documents
08/22/2013 08:45 AM My Music [E:\Users\Public\Music]
08/22/2013 08:45 AM My Pictures [E:\Users\Public\Pictures]
08/22/2013 08:45 AM My Videos [E:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of E:\Users\TC
05/05/2014 10:30 AM Application Data [E:\Users\TC\AppData\Roaming]
05/05/2014 10:30 AM Cookies [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCookies]
05/05/2014 10:30 AM Local Settings [E:\Users\TC\AppData\Local]
05/05/2014 10:30 AM My Documents [E:\Users\TC\Documents]
05/05/2014 10:30 AM NetHood [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/05/2014 10:30 AM PrintHood [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/05/2014 10:30 AM Recent [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Recent]
05/05/2014 10:30 AM SendTo [E:\Users\TC\AppData\Roaming\Microsoft\Windows\SendTo]
05/05/2014 10:30 AM Start Menu [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Start Menu]
05/05/2014 10:30 AM Templates [E:\Users\TC\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local
05/05/2014 10:30 AM Application Data [E:\Users\TC\AppData\Local]
05/05/2014 10:30 AM History [E:\Users\TC\AppData\Local\Microsoft\Windows\History]
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows
05/05/2014 10:30 AM Temporary Internet Files [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache
05/05/2014 10:40 AM Content.IE5 [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\Low
05/12/2014 02:29 AM Content.IE5 [E:\Users\TC\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 File(s) 0 bytes
Directory of E:\Users\TC\Documents
05/05/2014 10:30 AM My Music [E:\Users\TC\Music]
05/05/2014 10:30 AM My Pictures [E:\Users\TC\Pictures]
05/05/2014 10:30 AM My Videos [E:\Users\TC\Videos]
0 File(s) 0 bytes
Directory of E:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
05/06/2014 01:34 AM Content.IE5 [E:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Directory of E:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
05/06/2014 01:34 AM Content.IE5 [E:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
76 Dir(s) 57,500,610,560 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/02/02 10:53:22 | 000,000,221 | -HS- | M] () -- E:\Users\TC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2014/03/18 04:17:23 | 000,000,148 | -HS- | M] () -- E:\Users\TC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/05/20 10:39:11 | 001,326,389 | ---- | M] () -- E:\Users\TC\Desktop\adwcleaner_3.210.exe
[2014/05/19 13:51:04 | 005,200,426 | ---- | M] (Swearware) -- E:\Users\TC\Desktop\ComboFix.exe
[2014/05/20 10:53:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- E:\Users\TC\Desktop\HiJackThis (1).exe
[2014/05/19 10:08:13 | 001,016,261 | ---- | M] (Thisisu) -- E:\Users\TC\Desktop\JRT.exe
[2014/05/19 14:28:50 | 000,982,016 | ---- | M] (Farbar) -- E:\Users\TC\Desktop\MiniToolBox.exe
[2014/05/19 13:49:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Users\TC\Desktop\OTL.exe
[2014/05/19 10:01:07 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- E:\Users\TC\Desktop\rkill.exe
[2014/05/15 12:24:11 | 003,972,608 | ---- | M] () -- E:\Users\TC\Desktop\RogueKiller (1).exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> E:\Users\TC\OneDrive:ms-properties
< End of report >
Thank you for your assistance in advance,
T.C. Miller